Plex backtracks on controversial privacy policy change
Last week Plex upset a large portion of its userbase by announcing a change to its privacy policy. The change, which was due to take effect in late September, meant that it would not be possible to opt out of data collection.
After a serious backlash, the company has changed its mind, backtracking on the privacy policy update, saying that it recognized the concerns raised by users. The company insists that it was not trying to sneak the policy change by users and that it had no intention of selling data. Importantly, however, users are still going to be able to opt out of playback data collection if they want.
See also:
The response in the Plex forums is mixed. For some users it seems that the reversal of decision is too little too late, but others have been placated by the move. Plex tries to explain that there are various pieces of data that have to be collected in order for the service to function properly (such as checking for the existence of a Plex Pass subscription, checking for updates, and so on).
Plex CEO Keith Valory says that to provide an opt-out option "gives a false sense of privacy and feels disingenuous on our part. That is, even if you opted out, there is still a bunch of data we are collecting that we tried to call out as exceptions." This is the reason for the initial change that caused so much controversy, but he acknowledges that data tracking would, technically, make it possible to work out what media files were in users' libraries. To this he says:
This was clearly a detail we missed, and many of you have raised it after the fact. While we think it would be hard for someone to figure out the identity of a file based on some media information (e.g. media duration), it is certainly more than just a theoretical possibility. And, again, we have ZERO interest in knowing or being able to know what is any of your libraries.
But what people are really interested in is what is now being done. Valory has written a post explaining about the change of heart about the policy change and the new changes that will now be implemented:
Generalization. First, as has been recommended by a bunch of folks in the community (lots of great ideas!), we are going to "generalize" playback stats in order to make it impossible to create any sort of "fingerprint" that would allow anyone to identify a file in a library. For example, we will round playback duration and bit rate so as to avoid the possibility of identifying the media. This should provide users the comfort that nobody can identify what files are being played using these stats, while also giving us valuable insight into things like: how does the server perform at certain combinations of hardware, codecs, bit rate, and resolution?; what are the stall rates on different platforms for improving Automatic Bit Rate functionality?; is a given feature even being used?; and are users having a hard time finding a certain button? This helps make the product better for everyone without getting "all up in your kitchen".
Opt out of Playback Data. Second, in addition to providing the ability to opt out of crash reporting and marketing communications, we will provide you the ability to opt out of playback statistics for personal content on your Plex Media Server, like duration, bit rate, and resolution in a new privacy setting. We will list exactly what these statistics are, and I promise the words "such as" will not appear on that screen :-). We think this gives folks who are concerned about this the ability to make a more informed decision of what they are opting out of and why, while at the same time not providing a false sense of security by essentially providing an "opt out" in the setup that necessarily doesn’t cover a lot of the data that we must collect to provide you our services.
Complete list of Usage Statistics. Finally, in the new privacy tab in the server settings we will provide a full list of all product events data that we collect. While we've always followed the Privacy Policy "norm" of enumerating types of data and then providing examples, as I’ve said, that has created challenges in the past, and we've definitely heard more folks express concern with this approach over the last 24 hours. Our intention here is to provide full transparency. Users will have one place where they can see what data is being collected and where they can opt out of playback data that they are not comfortable with (though we'll do our best to get them comfortable!).
The latest update will be implemented "over the next few days," but is it enough to keep you happy?